/**
 * Authentication listener that stamps the authenticating user's last action.
 *
 * @param OnAuthenticationEvent $event Event carrying the user being authenticated.
 */
public function updateOnLogin(OnAuthenticationEvent $event)
{
    // No explicit save here: per the original author's note, the user is
    // updated later in the login flow, after this event has been triggered.
    // NOTE(review): if this listener is ever reused outside the login flow,
    // the change would presumably not be persisted; verify against the caller.
    $event->getUser()->updateLastAction();
}
/**
 * Rejects the authentication attempt when the account is not allowed to log in.
 *
 * @param OnAuthenticationEvent $event Event carrying the user being authenticated.
 *
 * @throws CredentialException If the user is locked or is not in the approved state
 */
public function validateUserOnAuthentication(OnAuthenticationEvent $event)
{
    /** @var User $account */
    $account = $event->getUser();

    $locked   = $account->isLocked();
    $approved = $account->getState() === User::STATE_APPROVED;

    if (!$locked && $approved) {
        return;
    }

    // The exception message is a distinct key per account state.
    // NOTE(review): if these keys reach the client before the credentials are
    // verified, they disclose the account's state to the caller; confirm the
    // listener ordering and how the message is rendered.
    if (!$approved) {
        // "Not approved" takes precedence when the account is also locked.
        throw new CredentialException('BACKEND_AUTH_NON_APPROVED');
    }

    throw new CredentialException('BACKEND_AUTH_LOCKED');
}
/**
 * Rejects the authentication attempt when the account is not allowed to log in.
 *
 * Three conditions are checked in order: locked, not approved, temporarily
 * blocked. The first one that applies determines the exception message.
 *
 * @param OnAuthenticationEvent $event Event carrying the user being authenticated.
 *
 * @throws CredentialException If the user is locked, not approved, or temporarily blocked
 */
public function validateUserOnAuthentication(OnAuthenticationEvent $event)
{
    /** @var User $account */
    $account = $event->getUser();

    $locked   = $account->isLocked();
    $approved = $account->isApproved();

    // `locked` must be tested first. Per the original author's note, `locked`
    // is a state transition that is only possible from the approved state, so
    // a locked account is in a state other than "approved". Presumably
    // isApproved() is then false as well, and testing approval first would
    // report the wrong reason (confirm against the User state model).
    if ($locked) {
        throw new CredentialException('BACKEND_AUTH_LOCKED');
    }

    if (!$approved) {
        throw new CredentialException('BACKEND_AUTH_NON_APPROVED');
    }

    // The temporary-block lookup is only reached for unlocked, approved accounts.
    // NOTE(review): the three message keys distinguish account states. If they
    // reach the client before the credentials are verified, they disclose
    // whether an account is locked, unapproved or throttled; confirm the
    // listener ordering and how the message is rendered.
    if ($this->temporaryBlockedAccountProvider->isAccountTemporaryBlocked($account->getId())) {
        throw new CredentialException('BACKEND_AUTH_BLOCKED');
    }
}